<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="identitytoolkit_v1.html">Identity Toolkit API</a> . <a href="identitytoolkit_v1.projects.html">projects</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="identitytoolkit_v1.projects.accounts.html">accounts()</a></code>
</p>
<p class="firstline">Returns the accounts Resource.</p>

<p class="toc_element">
  <code><a href="identitytoolkit_v1.projects.tenants.html">tenants()</a></code>
</p>
<p class="firstline">Returns the tenants Resource.</p>

<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#createSessionCookie">createSessionCookie(targetProjectId, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user's login state.</p>
<p class="toc_element">
  <code><a href="#queryAccounts">queryAccounts(targetProjectId, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Looks up user accounts within a project or a tenant based on conditions in the request.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="createSessionCookie">createSessionCookie(targetProjectId, body=None, x__xgafv=None)</code>
  <pre>Creates a session cookie for the given Identity Platform ID token. The session cookie is used by the client to preserve the user&#x27;s login state.

Args:
  targetProjectId: string, The ID of the project that the account belongs to. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for CreateSessionCookie.
  &quot;idToken&quot;: &quot;A String&quot;, # Required. A valid Identity Platform ID token.
  &quot;tenantId&quot;: &quot;A String&quot;, # The tenant ID of the Identity Platform tenant the account belongs to.
  &quot;validDuration&quot;: &quot;A String&quot;, # The number of seconds until the session cookie expires. Specify a duration in seconds, between five minutes and fourteen days, inclusively.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for CreateSessionCookie.
  &quot;sessionCookie&quot;: &quot;A String&quot;, # The session cookie that has been created from the Identity Platform ID token specified in the request. It is in the form of a JSON Web Token (JWT). Always present.
}</pre>
</div>

<div class="method">
    <code class="details" id="queryAccounts">queryAccounts(targetProjectId, body=None, x__xgafv=None)</code>
  <pre>Looks up user accounts within a project or a tenant based on conditions in the request.

Args:
  targetProjectId: string, The ID of the project to which the result is scoped. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for QueryUserInfo.
  &quot;expression&quot;: [
    { # Query conditions used to filter results.
      &quot;email&quot;: &quot;A String&quot;, # A case insensitive string that the account&#x27;s email should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
      &quot;phoneNumber&quot;: &quot;A String&quot;, # A string that the account&#x27;s phone number should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression. If more than one is specified, only the first (in that order) will be applied.
      &quot;userId&quot;: &quot;A String&quot;, # A string that the account&#x27;s local ID should match. Only one of `email`, `phone_number`, or `user_id` should be specified in a SqlExpression If more than one is specified, only the first (in that order) will be applied.
    },
  ],
  &quot;limit&quot;: &quot;A String&quot;, # The maximum number of accounts to return with an upper limit of __500__. Defaults to _500_. Only valid when `return_user_info` is set to `true`.
  &quot;offset&quot;: &quot;A String&quot;, # The number of accounts to skip from the beginning of matching records. Only valid when `return_user_info` is set to `true`.
  &quot;order&quot;: &quot;A String&quot;,
  &quot;returnUserInfo&quot;: True or False, # If `true`, this request will return the accounts matching the query. If `false`, only the __count__ of accounts matching the query will be returned. Defaults to `true`.
  &quot;sortBy&quot;: &quot;A String&quot;,
  &quot;tenantId&quot;: &quot;A String&quot;, # The ID of the tenant to which the result is scoped.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for QueryUserInfo.
  &quot;recordsCount&quot;: &quot;A String&quot;, # If `return_user_info` in the request is true, this is the number of returned accounts in this message. Otherwise, this is the total number of accounts matching the query.
  &quot;userInfo&quot;: [ # If `return_user_info` in the request is true, this is the accounts matching the query.
    { # An Identity Platform account&#x27;s information.
      &quot;createdAt&quot;: &quot;A String&quot;, # The time, in milliseconds from epoch, when the account was created.
      &quot;customAttributes&quot;: &quot;A String&quot;, # Custom claims to be added to any ID tokens minted for the account. Should be at most 1,000 characters in length and in valid JSON format.
      &quot;customAuth&quot;: True or False, # Output only. Whether this account has been authenticated using SignInWithCustomToken.
      &quot;dateOfBirth&quot;: &quot;A String&quot;, # Output only. The date of birth set for the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
      &quot;disabled&quot;: True or False, # Whether the account is disabled. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions.
      &quot;displayName&quot;: &quot;A String&quot;, # The display name of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
      &quot;email&quot;: &quot;A String&quot;, # The account&#x27;s email address. The length of the email should be less than 256 characters and in the format of `name@domain.tld`. The email should also match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
      &quot;emailLinkSignin&quot;: True or False, # Output only. Whether the account can authenticate with email link.
      &quot;emailVerified&quot;: True or False, # Whether the account&#x27;s email address has been verified.
      &quot;initialEmail&quot;: &quot;A String&quot;, # The first email address associated with this account. The account&#x27;s initial email cannot be changed once set and is used to recover access to this account if lost via the RECOVER_EMAIL flow in GetOobCode. Should match the [RFC 822](https://tools.ietf.org/html/rfc822) addr-spec.
      &quot;language&quot;: &quot;A String&quot;, # Output only. The language preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
      &quot;lastLoginAt&quot;: &quot;A String&quot;, # The last time, in milliseconds from epoch, this account was logged into.
      &quot;lastRefreshAt&quot;: &quot;A String&quot;, # Timestamp when an ID token was last minted for this account.
      &quot;localId&quot;: &quot;A String&quot;, # Immutable. The unique ID of the account.
      &quot;mfaInfo&quot;: [ # Information on which multi-factor authentication providers are enabled for this account.
        { # Information on which multi-factor authentication (MFA) providers are enabled for an account.
          &quot;displayName&quot;: &quot;A String&quot;, # Display name for this mfa option e.g. &quot;corp cell phone&quot;.
          &quot;emailInfo&quot;: { # Information about email MFA. # Contains information specific to email MFA.
            &quot;emailAddress&quot;: &quot;A String&quot;, # Email address that a MFA verification should be sent to.
          },
          &quot;enrolledAt&quot;: &quot;A String&quot;, # Timestamp when the account enrolled this second factor.
          &quot;mfaEnrollmentId&quot;: &quot;A String&quot;, # ID of this MFA option.
          &quot;phoneInfo&quot;: &quot;A String&quot;, # Normally this will show the phone number associated with this enrollment. In some situations, such as after a first factor sign in, it will only show the obfuscated version of the associated phone number.
          &quot;totpInfo&quot;: { # Information about TOTP MFA. # Contains information specific to TOTP MFA.
          },
          &quot;unobfuscatedPhoneInfo&quot;: &quot;A String&quot;, # Output only. Unobfuscated phone_info.
        },
      ],
      &quot;passwordHash&quot;: &quot;A String&quot;, # The account&#x27;s hashed password. Only accessible by requests bearing a Google OAuth2 credential with proper [permissions](https://cloud.google.com/identity-platform/docs/access-control).
      &quot;passwordUpdatedAt&quot;: 3.14, # The timestamp, in milliseconds from the epoch of 1970-01-01T00:00:00Z, when the account&#x27;s password was last updated.
      &quot;phoneNumber&quot;: &quot;A String&quot;, # The account&#x27;s phone number.
      &quot;photoUrl&quot;: &quot;A String&quot;, # The URL of the account&#x27;s profile photo. This account attribute is not used by Identity Platform. It is available for informational purposes only.
      &quot;providerUserInfo&quot;: [ # Information about the user as provided by various Identity Providers.
        { # Information about the user as provided by various Identity Providers.
          &quot;displayName&quot;: &quot;A String&quot;, # The user&#x27;s display name at the Identity Provider.
          &quot;email&quot;: &quot;A String&quot;, # The user&#x27;s email address at the Identity Provider.
          &quot;federatedId&quot;: &quot;A String&quot;, # The user&#x27;s identifier at the Identity Provider.
          &quot;phoneNumber&quot;: &quot;A String&quot;, # The user&#x27;s phone number at the Identity Provider.
          &quot;photoUrl&quot;: &quot;A String&quot;, # The user&#x27;s profile photo URL at the Identity Provider.
          &quot;providerId&quot;: &quot;A String&quot;, # The ID of the Identity Provider.
          &quot;rawId&quot;: &quot;A String&quot;, # The user&#x27;s raw identifier directly returned from Identity Provider.
          &quot;screenName&quot;: &quot;A String&quot;, # The user&#x27;s screen_name at Twitter or login name at GitHub.
        },
      ],
      &quot;rawPassword&quot;: &quot;A String&quot;, # Input only. Plain text password used to update a account&#x27;s password. This field is only ever used as input in a request. Identity Platform uses cryptographically secure hashing when managing passwords and will never store or transmit a user&#x27;s password in plain text.
      &quot;salt&quot;: &quot;A String&quot;, # The account&#x27;s password salt. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
      &quot;screenName&quot;: &quot;A String&quot;, # Output only. This account&#x27;s screen name at Twitter or login name at GitHub.
      &quot;tenantId&quot;: &quot;A String&quot;, # ID of the tenant this account belongs to. Only set if this account belongs to a tenant.
      &quot;timeZone&quot;: &quot;A String&quot;, # Output only. The time zone preference of the account. This account attribute is not used by Identity Platform. It is available for informational purposes only.
      &quot;validSince&quot;: &quot;A String&quot;, # Oldest timestamp, in seconds since epoch, that an ID token should be considered valid. All ID tokens issued before this time are considered invalid.
      &quot;version&quot;: 42, # The version of the account&#x27;s password. Only accessible by requests bearing a Google OAuth2 credential with proper permissions.
    },
  ],
}</pre>
</div>

</body></html>